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IN THE CLAIMS : 

Claims 9 and 28 have been canceled herein. Claims 1 and 27 have been amended herein. 
Please note that all claims currently pending and under consideration in the referenced 
application are shown below. Please enter these claims as amended. This listing of claims will 
replace all prior versions and listings of claims in the application. 

Lis tine of Claims : 

1 . (Currently amended) A system for the authentication by a card-issuing financial 
institution of identifying information of a card-holding user of a public data network, 
including the system comprising : 

a secure data entry device connected to the public data network; and 

a gateway device connected to the public data network and to a private data 
network used for transmitting messages between financial institutions; 

wherein the secure data entry device includes comprises means for the user to 
enter identifying information of a card issued by the financial institution, means for the 
user to enter the user's Personal Identification Number CTIN"), means for encrypting the 
identifying information and PIN for secure transmission, and means for transmitting the 
encrypted identifying information and PIN in a secure manner via the data transmission 
output over the public data network to the gateway device; [[and]] 

wherein the gateway device includes means for transmitting the identifying 
information to the card-issuing financial institution and for receiving an approval 
response from the card-issuing financial institution over the private data network; and 

whereby the approval response provides authentication of the identifying 
information by the card-issuing financial institution. 

2. (Original) The system of claim 1 wherein the public data network is the Internet. 

3. (Previously presented) The system of claim 1 wherein the secure data entry 
device is connected to the public data network via a personal computer. 
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4. (Previously presented) The system of claim 1 wherein the private data network is 
an inter-bank network used for the transferral of electronic transaction data. 

5. (Original) The system of claim 4 wherein the private data network is provided via 
a dedicated network operated for the sole purpose of conducting electronic financial 
transactions. 

6. (Original) The system of claim 4 wherein the private data network is a virtual 
private network operated for the purpose of conducting electronic financial 
transactions via a host of public data network. 

7. (Previously presented) The system of claim 1 wherein the secure data entry 
device further includes: a card reader for reading relevant information stored on the 
user's card; and a keypad to enable the user to enter data into the system. 

8. (Original) The system of claim 7 wherein the card reader is able to read one or 
both of ISO 7816 'smart card' or ISO 781 1 'mag stripe' type cards. 

9. (Canceled). 

10. (Previously presented) The system of claim 1 wherein said identifying 
information includes one or more of: 

the Primary Account Number associated with the card; 
the expiry date of the card; and 

the user's Personal Identification Number associated with the card. 

1 1 . (Previously presented) The system of claim I wherein the identifying information 
is transmitted using a standard transaction message format compliant to ISO 8583. 
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12. (Original) The system of claim 1 1 wherein the ISO 8583 message used is one of 
an '0200' financial presentment message, and or an '0104' authorization message. 

13. (Previously presented) The system of claim 1 wherein the gateway device also 
includes means for transmitting the approval response to the secure data entry device. 

14. (Original) The system of claim 13 wherein the secure data entry device further 
includes means for deriving from the approval response verifiable proof that the 
customer's identifying information has been authenticated by the card-issuing 
financial institution. 

15. (Original) The system of claim 14 wherein said proof is an authentication data 
block, consisting of data computed in a secure manner from the approval sent from 
the card-issuing bank. 

16. (Original) The system of claim 15 wherein the data block is a whole or truncated 
encryption of the approval message derived using an encryption key stored securely 
within the secure data entry device. 

17. (Previously presented) The system of claim 1 wherein the gateway device further 
includes means to generate a replacement card number upon receipt of the approval 
response from the card-issuing institution. 

18. (Original) The system of claim 17 wherein the replacement card number is 
transmitted to the secure data entry device over the public data network. 

19. (Previously presented) The system of claim 17 wherein the replacement card 
number is generated dynamically for use in a single transaction. 

20. (Previously presented) The system of claim 17 wherein the replacement card 
number is maintained and used for multiple transactions. 
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21. (Previously presented) The system of claim 17 wherein supplementary details of 
a transaction are also be transmitted to the gateway device by the secure data entry 
device, and wherein said supplementary details include one or more of the transaction 
amount and a merchant identification. 

22. (Original) The system of claim 21 wherein said supplementary details are 
transmitted to the gateway device in the transaction message carrying the identifying 
information. 

23. (Previously presented) The system of claim 17 wherein the Bank Identification 
Number of the replacement card number may be selected such that the payment 
transaction is routed through the gateway device on the private data network before 
being sent to the card-issuing financial institution. 

24. (Previously presented) The system of claim 17 wherein the Bank Identification 
Number of the replacement card number may be selected such that the payment 
transaction is directed over the private data network to the gateway device by 
identifying the gateway device as a card-issuing institution of the replacement card 
number. 

25. (Previously presented) The system of claim 17 wherein the gateway device 
further includes: means for receiving payment transaction messages from the private 
data network; means for modifying received payment transaction messages; and 
means for transmitting said modified payment transaction messages to the card- 
issuing financial institution; whereby the gateway device is able to substitute actual 
card numbers for replacement card numbers before transmitting received payment 
transaction messages to the card-issuing financial institution. 

26. (Previously presented) The system of claim 17 wherein the gateway device 

further includes a database of replacement card numbers including corresponding 

actual card numbers and supplementary transaction details. 
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27. (Currently amended) A method for the authentication by a card-issuing financial 
institution of identifying information of a card-holding user of a public data network, 
including comprising the steps of: 

providing a secure data entry device comprising a discrete device having a data 
transmission output connected to the public data network; 

providing a gateway device connected to the public data network and to a private 
data network used for transmitting messages between financial institufions; 

the user entering identifying information of a card issued by the card issuing 
financial institution into the secure data entry device; 

the user entering the user's Personal Identification Number (PIN) into the secure 
data entry device; 

encrypting by the secure data entry device the identifying information and PIN for 
their secure transmission: 

transmitting the encrypted identifying information and PIN in a secure manner via 
the data transmission output over the public data network to the gateway device; 
transmitting the identifying information to the card-issuing financial institution; and 

receiving an approval response from the card-issuing financial institution over the 
private data network; 

whereby the approval response provides authentication of the identifying 
information by the card-issuing financial institution. 

28. (Canceled). 



6 



